https://materializedview.io/p/cloud-storage-triad-latency-cost-durability
- latency, cost, durability
https://materializedview.io/p/s3-is-showing-its-age
- basic and advanced features
https://materializedview.io/p/you-should-be-streaming-data-on-s3
- streaming data on S3 ??
- WarpStream (Kafka substitute)
S3 caveats
https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/
Issue | Advice |
---|---|
ListObjects is not the only way to get object keys | don’t rely on validating only that ListBucket is denied |
Incomplete multipart uploads are not observable | need lifecycle rule to delete partial multipart uploads. |
Multipart upload listings leak principal ARNs | |
Access control lists can grant access based on email | avoid ACLs |
Storage class is uploader’s choice | IAM policy with a special condition key |
Pretty much everything is uploader’s choice | use pre-signed URLs |
S3 will tell you the bucket owner if you ask nicely | disallow ListBuckets, ListBucketVersions and ListMultipartUploads |
Keys are case sensitive | |
CloudFront and Cognito are ways to make a bucket public, not detected by security tools | review explicitly |
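
An offline check for two rows of the table above (the lifecycle rule for partial multipart uploads, and the storage-class restriction), added here as an example and not taken from the linked article. The function names and sample documents are constructed; the documents follow the shape of S3 lifecycle configurations and bucket policies, and expressing the storage-class restriction as a Deny with `StringNotEquals` on `s3:x-amz-storage-class` is an assumption about how the policy is written.

```python
def _as_list(v):
    return v if isinstance(v, list) else [v]

def abort_rule_days(lifecycle):
    """Return DaysAfterInitiation of an enabled, bucket-wide abort rule, else None."""
    for rule in lifecycle.get("Rules", []):
        abort = rule.get("AbortIncompleteMultipartUpload")
        if rule.get("Status") != "Enabled" or not abort:
            continue
        flt = rule.get("Filter", {})
        prefix = flt.get("Prefix", rule.get("Prefix", ""))
        # Bucket-wide: empty prefix and no other filter element (tags, size, And).
        if prefix == "" and set(flt) <= {"Prefix"}:
            return abort.get("DaysAfterInitiation")
    return None

def allowed_storage_classes(policy):
    """Return the storage classes exempt from a Deny on s3:PutObject, else None."""
    for stmt in _as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Deny" or not actions & {"s3:putobject", "s3:*", "*"}:
            continue
        cond = stmt.get("Condition", {}).get("StringNotEquals", {})
        for key, value in cond.items():
            if key.lower() == "s3:x-amz-storage-class":  # condition keys are case-insensitive
                return set(_as_list(value))
    return None

# Constructed samples: the first rule only covers tmp/, so uploads elsewhere linger.
LIFECYCLE_SCOPED = {"Rules": [{"ID": "tmp-only", "Status": "Enabled",
                               "Filter": {"Prefix": "tmp/"},
                               "AbortIncompleteMultipartUpload": {"DaysAfterInitiation": 3}}]}
LIFECYCLE_WIDE = {"Rules": [{"ID": "abort-mpu", "Status": "Enabled", "Filter": {},
                             "AbortIncompleteMultipartUpload": {"DaysAfterInitiation": 7}}]}
POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Deny", "Principal": "*", "Action": "s3:PutObject",
    "Resource": "arn:aws:s3:::example-bucket/*",  # placeholder bucket name
    "Condition": {"StringNotEquals": {
        "s3:x-amz-storage-class": ["STANDARD", "INTELLIGENT_TIERING"]}}}]}

if __name__ == "__main__":
    print("scoped rule covers bucket:", abort_rule_days(LIFECYCLE_SCOPED) is not None)
    print("bucket-wide abort after days:", abort_rule_days(LIFECYCLE_WIDE))
    print("allowed storage classes:", sorted(allowed_storage_classes(POLICY)))
```
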
Optimizing performance
https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance.html